Spyware
Abebot
trojandownloader.xs
And another popup I keep getting is that my computer cannot find the file "C:\WINDOWS\system32\nsmss.exe" because it's missing or something...
How do I get rid of these popups as well as the viruses? I tried using Antivirus programs and the steps on the sticky, but nothing's been working.
Here's the HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:52:50 PM, on 4/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spcxwfyr.exe
C:\Program Files\PC-Cleaner\PC-Cleaner.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\YPOPs\YPOPs.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Finale 2006\FINALE.EXE
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
F2 - REG:system.ini: Shell=Explorer.exe C:\system32\nsmss.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\system32\nsmss.exe
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [vrbatinjxjto] C:\WINDOWS\system32\vrbatinjxjto.exe
O4 - HKLM\..\Run: [mlqin] C:\WINDOWS\system32\mlqin.exe
O4 - HKLM\..\Run: [o] C:\WINDOWS\system32\o.exe
O4 - HKLM\..\Run: [gnm] C:\WINDOWS\system32\gnm.exe
O4 - HKLM\..\Run: [imepz] C:\WINDOWS\system32\imepz.exe
O4 - HKLM\..\Run: [tgbtuf] C:\WINDOWS\system32\tgbtuf.exe
O4 - HKLM\..\Run: [swryibfb] C:\WINDOWS\system32\swryibfb.exe
O4 - HKLM\..\Run: [dwyx] C:\WINDOWS\system32\dwyx.exe
O4 - HKLM\..\Run: [qci] C:\WINDOWS\system32\qci.exe
O4 - HKLM\..\Run: [gv] C:\WINDOWS\system32\gv.exe
O4 - HKLM\..\Run: [fuirkcttp] C:\WINDOWS\system32\fuirkcttp.exe
O4 - HKLM\..\Run: [hgu] C:\WINDOWS\system32\hgu.exe
O4 - HKLM\..\Run: [pwhdv] C:\WINDOWS\system32\pwhdv.exe
O4 - HKLM\..\Run: [immcyixkfpvd] C:\WINDOWS\system32\immcyixkfpvd.exe
O4 - HKLM\..\Run: [swjvwelhzoie] C:\WINDOWS\system32\swjvwelhzoie.exe
O4 - HKLM\..\Run: [efp] C:\WINDOWS\system32\efp.exe
O4 - HKLM\..\Run: [jkaamysc] C:\WINDOWS\system32\jkaamysc.exe
O4 - HKLM\..\Run: [ay] C:\WINDOWS\system32\ay.exe
O4 - HKLM\..\Run: [cgadcmqns] C:\WINDOWS\system32\cgadcmqns.exe
O4 - HKLM\..\Run: [auhuqaxnord] C:\WINDOWS\system32\auhuqaxnord.exe
O4 - HKLM\..\Run: [vulaeesuj] C:\WINDOWS\system32\vulaeesuj.exe
O4 - HKLM\..\Run: [dcpnovjbg] C:\WINDOWS\system32\dcpnovjbg.exe
O4 - HKLM\..\Run: [gypoq] C:\WINDOWS\system32\gypoq.exe
O4 - HKLM\..\Run: [nkspa] C:\WINDOWS\system32\nkspa.exe
O4 - HKLM\..\Run: [dkjxthx] C:\WINDOWS\system32\dkjxthx.exe
O4 - HKLM\..\Run: [tltlohk] C:\WINDOWS\system32\tltlohk.exe
O4 - HKLM\..\Run: [zjz] C:\WINDOWS\system32\zjz.exe
O4 - HKLM\..\Run: [bkaghm] C:\WINDOWS\system32\bkaghm.exe
O4 - HKLM\..\Run: [gx] C:\WINDOWS\system32\gx.exe
O4 - HKLM\..\Run: [tum] C:\WINDOWS\system32\tum.exe
O4 - HKLM\..\Run: [c] C:\WINDOWS\system32\c.exe
O4 - HKLM\..\Run: [sabvg] C:\WINDOWS\system32\sabvg.exe
O4 - HKLM\..\Run: [bkxsqt] C:\WINDOWS\system32\bkxsqt.exe
O4 - HKLM\..\Run: [fz] C:\WINDOWS\system32\fz.exe
O4 - HKLM\..\Run: [enixkmuao] C:\WINDOWS\system32\enixkmuao.exe
O4 - HKLM\..\Run: [ngsgwm] C:\WINDOWS\system32\ngsgwm.exe
O4 - HKLM\..\Run: [bjjcpa] C:\WINDOWS\system32\bjjcpa.exe
O4 - HKLM\..\Run: [as] C:\WINDOWS\system32\as.exe
O4 - HKLM\..\Run: [mcyxssaivo] C:\WINDOWS\system32\mcyxssaivo.exe
O4 - HKLM\..\Run: [cihwboz] C:\WINDOWS\system32\cihwboz.exe
O4 - HKLM\..\Run: [hxci] C:\WINDOWS\system32\hxci.exe
O4 - HKLM\..\Run: [rwvqdql] C:\WINDOWS\system32\rwvqdql.exe
O4 - HKLM\..\Run: [fnfvl] C:\WINDOWS\system32\fnfvl.exe
O4 - HKLM\..\Run: [ivfzpukpx] C:\WINDOWS\system32\ivfzpukpx.exe
O4 - HKLM\..\Run: [rkzgyedwoj] C:\WINDOWS\system32\rkzgyedwoj.exe
O4 - HKLM\..\Run: [ui] C:\WINDOWS\system32\ui.exe
O4 - HKLM\..\Run: [fdue] C:\WINDOWS\system32\fdue.exe
O4 - HKLM\..\Run: [uxxyuiox] C:\WINDOWS\system32\uxxyuiox.exe
O4 - HKLM\..\Run: [unpxnlhijwwq] C:\WINDOWS\system32\unpxnlhijwwq.exe
O4 - HKLM\..\Run: [cajc] C:\WINDOWS\system32\cajc.exe
O4 - HKLM\..\Run: [znretirxb] C:\WINDOWS\system32\znretirxb.exe
O4 - HKLM\..\Run: [oofbxewygwfc] C:\WINDOWS\system32\oofbxewygwfc.exe
O4 - HKLM\..\Run: [dezogesypqz] C:\WINDOWS\system32\dezogesypqz.exe
O4 - HKLM\..\Run: [nf] C:\WINDOWS\system32\nf.exe
O4 - HKLM\..\Run: [uwi] C:\WINDOWS\system32\uwi.exe
O4 - HKLM\..\Run: [zichmoxpd] C:\WINDOWS\system32\zichmoxpd.exe
O4 - HKLM\..\Run: [qyeeqrdrhwd] C:\WINDOWS\system32\qyeeqrdrhwd.exe
O4 - HKLM\..\Run: [jzueyodk] C:\WINDOWS\system32\jzueyodk.exe
O4 - HKLM\..\Run: [wqgf] C:\WINDOWS\system32\wqgf.exe
O4 - HKLM\..\Run: [qgnon] C:\WINDOWS\system32\qgnon.exe
O4 - HKLM\..\Run: [knskf] C:\WINDOWS\system32\knskf.exe
O4 - HKLM\..\Run: [npjsqqvmwnw] C:\WINDOWS\system32\npjsqqvmwnw.exe
O4 - HKLM\..\Run: [lyvndtp] C:\WINDOWS\system32\lyvndtp.exe
O4 - HKLM\..\Run: [taa] C:\WINDOWS\system32\taa.exe
O4 - HKLM\..\Run: [gl] C:\WINDOWS\system32\gl.exe
O4 - HKLM\..\Run: [aehoqzowb] C:\WINDOWS\system32\aehoqzowb.exe
O4 - HKLM\..\Run: [lnritgsrbbs] C:\WINDOWS\system32\lnritgsrbbs.exe
O4 - HKLM\..\Run: [xrxlaoppxcy] C:\WINDOWS\system32\xrxlaoppxcy.exe
O4 - HKLM\..\Run: [asakfc] C:\WINDOWS\system32\asakfc.exe
O4 - HKLM\..\Run: [hvbjdofygs] C:\WINDOWS\system32\hvbjdofygs.exe
O4 - HKLM\..\Run: [jdvdvryije] C:\WINDOWS\system32\jdvdvryije.exe
O4 - HKLM\..\Run: [wxofdq] C:\WINDOWS\system32\wxofdq.exe
O4 - HKLM\..\Run: [sotpiswnba] C:\WINDOWS\system32\sotpiswnba.exe
O4 - HKLM\..\Run: [uk] C:\WINDOWS\system32\uk.exe
O4 - HKLM\..\Run: [w] C:\WINDOWS\system32\w.exe
O4 - HKLM\..\Run: [spzk] C:\WINDOWS\system32\spzk.exe
O4 - HKLM\..\Run: [iqpj] C:\WINDOWS\system32\iqpj.exe
O4 - HKLM\..\Run: [cktjvmgo] C:\WINDOWS\system32\cktjvmgo.exe
O4 - HKLM\..\Run: [dlft] C:\WINDOWS\system32\dlft.exe
O4 - HKLM\..\Run: [lomv] C:\WINDOWS\system32\lomv.exe
O4 - HKLM\..\Run: [ljllixooklaq] C:\WINDOWS\system32\ljllixooklaq.exe
O4 - HKLM\..\Run: [gug] C:\WINDOWS\system32\gug.exe
O4 - HKLM\..\Run: [ieepiyz] C:\WINDOWS\system32\ieepiyz.exe
O4 - HKLM\..\Run: [trwsno] C:\WINDOWS\system32\trwsno.exe
O4 - HKLM\..\Run: [ecpnkexzfo] C:\WINDOWS\system32\ecpnkexzfo.exe
O4 - HKLM\..\Run: [pi] C:\WINDOWS\system32\pi.exe
O4 - HKLM\..\Run: [spellaxt] C:\WINDOWS\system32\spellaxt.exe
O4 - HKLM\..\Run: [qhyekyn] C:\WINDOWS\system32\qhyekyn.exe
O4 - HKLM\..\Run: [ie] C:\WINDOWS\system32\ie.exe
O4 - HKLM\..\Run: [dylgtzxsse] C:\WINDOWS\system32\dylgtzxsse.exe
O4 - HKLM\..\Run: [sne] C:\WINDOWS\system32\sne.exe
O4 - HKLM\..\Run: [babxvilc] C:\WINDOWS\system32\babxvilc.exe
O4 - HKLM\..\Run: [kewotbpbrb] C:\WINDOWS\system32\kewotbpbrb.exe
O4 - HKLM\..\Run: [auh] C:\WINDOWS\system32\auh.exe
O4 - HKLM\..\Run: [ajlufq] C:\WINDOWS\system32\ajlufq.exe
O4 - HKLM\..\Run: [zlhsfkwgvo] C:\WINDOWS\system32\zlhsfkwgvo.exe
O4 - HKLM\..\Run: [ujuatrv] C:\WINDOWS\system32\ujuatrv.exe
O4 - HKLM\..\Run: [ft] C:\WINDOWS\system32\ft.exe
O4 - HKLM\..\Run: [xywth] C:\WINDOWS\system32\xywth.exe
O4 - HKLM\..\Run: [adllt] C:\WINDOWS\system32\adllt.exe
O4 - HKLM\..\Run: [ibxr] C:\WINDOWS\system32\ibxr.exe
O4 - HKLM\..\Run: [qrfxxr] C:\WINDOWS\system32\qrfxxr.exe
O4 - HKLM\..\Run: [ybkaksuzc] C:\WINDOWS\system32\ybkaksuzc.exe
O4 - HKLM\..\Run: [fn] C:\WINDOWS\system32\fn.exe
O4 - HKLM\..\Run: [xhzxlnyno] C:\WINDOWS\system32\xhzxlnyno.exe
O4 - HKLM\..\Run: [d] C:\WINDOWS\system32\d.exe
O4 - HKLM\..\Run: [rbfw] C:\WINDOWS\system32\rbfw.exe
O4 - HKLM\..\Run: [plsrbje] C:\WINDOWS\system32\plsrbje.exe
O4 - HKLM\..\Run: [jogdiszfxuiq] C:\WINDOWS\system32\jogdiszfxuiq.exe
O4 - HKLM\..\Run: [uckif] C:\WINDOWS\system32\uckif.exe
O4 - HKLM\..\Run: [mmosnioe] C:\WINDOWS\system32\mmosnioe.exe
O4 - HKLM\..\Run: [bqncqj] C:\WINDOWS\system32\bqncqj.exe
O4 - HKLM\..\Run: [cjm] C:\WINDOWS\system32\cjm.exe
O4 - HKLM\..\Run: [akepgexz] C:\WINDOWS\system32\akepgexz.exe
O4 - HKLM\..\Run: [wxeacsx] C:\WINDOWS\system32\wxeacsx.exe
O4 - HKLM\..\Run: [kjqqk] C:\WINDOWS\system32\kjqqk.exe
O4 - HKLM\..\Run: [hphxjad] C:\WINDOWS\system32\hphxjad.exe
O4 - HKLM\..\Run: [aczwbsqsi] C:\WINDOWS\system32\aczwbsqsi.exe
O4 - HKLM\..\Run: [qmulew] C:\WINDOWS\system32\qmulew.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [jxhmxl] C:\WINDOWS\system32\jxhmxl.exe
O4 - HKLM\..\Run: [upe] C:\WINDOWS\system32\upe.exe
O4 - HKLM\..\Run: [odcb] C:\WINDOWS\system32\odcb.exe
O4 - HKLM\..\Run: [scsijajtfzz] C:\WINDOWS\system32\scsijajtfzz.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.0.341.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.0.341.0\ZangoSA.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [sljeqepw] C:\WINDOWS\system32\spcxwfyr.exe
O4 - HKCU\..\Run: [PC-Cleaner] "C:\Program Files\PC-Cleaner\PC-Cleaner.exe" hide
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Epson printer Registration.lnk = E:\E_reg\EpsonReg.EXE
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1145145822691
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F4F37D6-8637-4186-9514-F9432A7D7AB1}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E4C908B-3DB2-482F-8F73-745AD0CBAC38}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{F17B3CF9-62F0-4721-8DA3-443CC281BED2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F4F37D6-8637-4186-9514-F9432A7D7AB1}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Windows Network Service Monitor (nsmss) - Unknown owner - C:\system32\nsmss.exe (file missing)
O23 - Service: Print Spooler Service (oeldy1bfyefa2) - Unknown owner - C:\WINDOWS\system32\mck.exe (file missing)
O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
--
End of file - 25082 bytes
Edited by Anautikus, 06 April 2008 - 08:51 PM.